Internal security operations centers in large companies halve the financial impact of data breaches

Aurel Constantin 08/10/2019 | 11:58

Companies with an internal security operation center (SOC) estimate the financial damage caused by a cyber attack at USD 675,000, which represents less than half of the average cost of impact for large companies (USD 1.41 million ), a new Kaspersky and B2B International survey shows.

Changes that a company can make to reduce data breach losses include hiring a Data Protection Officer (DPO), as 34 percent of companies of all sizes have this position reporting that the cyber incident has suffered it did not result in monetary losses.

Every year, data breaches become more expensive for companies. In 2019, this cost increased to USD 1.41 million, from USD 1.23 million in the previous year, the new Kaspersky report shows. “The economic data of IT security in 2019: how big companies lose money and how they save in the case of cyber attacks.” Against this backdrop, large organizations are investing more in cyber security: this year, their IT security budgets averaged USD 18.9 million, compared to USD 8.9 million in 2018.

As the report shows, investing in security software and IT security professionals is paying off. This is confirmed in companies with an internal SOC, which suffer less damage caused by data breaches.

Large companies can try to reduce the financial impact of a data breach by building an internal SOC, responsible for ongoing monitoring of security events and incident response. Adopting a security operations center halves data breach losses at USD 675,000. There are also savings for larger SMEs (with over 500 employees) that create a SOC, the total financial impact of a data breach for these companies being estimated at USD 106,000, compared to USD 129,000 for an SME of this size.

The average cost of a data breach

However, outsourced SOC centers do not reduce the costs of data breaches for large companies. Our study showed that outsourcing security to a Distributed Security Service Provider (MSP) could even increase the financial impact, especially if the company uses a sub-qualified subcontractor: 23 percent of companies using an MSP provider had a financial impact of between USD 100,000 and USD 249,000, while only 19 percent of those with an internal IT team reported this level of damage.

Another way to reduce the costs of a breach is by hiring a Data Protection Officer (DPO). He is an employee responsible for building and implementing the data protection strategy within a company, as well as managing compliance issues. The survey found that more than a third of organizations (34 percent) with a DPO, who suffered a data breach, had no financial loss, compared to only one-fifth (20 percent) of companies in general.

“The establishment of an internal security operations center involves the acquisition of the necessary infrastructure, the creation of processes and the recruitment of analysts, which can be a challenge for any business,” said Veniamin Levtsov, VP, Corporate Business at Kaspersky. “Also, finding a DPO that can combine legal knowledge with IT security is not an easy task. These things take time and budgets, and security leaders often find it difficult to justify such initiatives. But, as we can see, there are investments worth the effort. Of course, the mere fact that you have a dedicated employee or even a special subdivision does not guarantee that a company will not suffer a data breach, but it is a guarantee that the business is prepared for these incidents, allowing them to recover faster and more efficiently. following an attack.”

Kaspersky offers solutions and services that support internal security operations centers. They help overcome the most common barriers to a functional SOC, such as lack of visibility across the company or insufficient threat information, and improve its performance.

Kaspersky Global Corporate Risks Security Survey (ITSRS) is a global study among IT decision makers, now in its ninth edition. In total, 4,958 interviews were conducted in 23 countries. Respondents were asked about the state of IT security within their organizations, the types of threats they face, and the costs they must face when recovering from attacks. The regions covered are Latin America, Europe, North America, APAC (Asia-Pacific with China), Japan , Russia and META (Middle East, Turkey and Africa).

Close ×

We use cookies for keeping our website reliable and secure, personalising content and ads, providing social media features and to analyse how our website is used.

Accept & continue